Sunday, 18 November 2018

Securing SharePoint O365

Microsoft outline how they treat access to your company data, how your data is kept secure and audit and availability, read this post. The information below notes possible settings and configuration to secure 0365.Azure AD is the key, ensure auth is 100%. e.g. MFA for some or all accounts. Use the "Identity Secure Score" to check possible problems. Consider Microsoft Authenticator for MFA.

O365 Settings use:

Secure Score - Overview of my tenant settings and how they should be set. Check my tenant again set MS best practices for O365.

Validate setting meet governance and are not merely defaults.

Review SPO audit logs - ensure it is turned on (default is to have it turned off).